<?php
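// Access guard: LEVEL and OK are presumably defined by the including script.
// Stop right after the redirect; header() alone does not end the request, so
// without exit the queries and message handling below would still run.
if (!defined("LEVEL") || !defined("OK")) {
	header("Location: ?");
	exit;
}

// Request parameters read from $url (populated outside this file):
//   u - nick of the user being replied to, passed through input()
//   i - id of the message being replied to
//   d - id of a message to delete
//   p - paging offset for the inbox list
// $uid is always assigned here so a stale value from the including scope cannot leak in.
// Numeric parameters fall back to 0 when missing, rejected by isnum(), or not positive.
$uid = (isset($url['u']) && !empty($url['u'])) ? input($url['u']) : null;
$pid = (isset($url['i']) && isnum($url['i']) && $url['i'] > 0) ? (int)$url['i'] : 0;
$did = (isset($url['d']) && isnum($url['d']) && $url['d'] > 0) ? (int)$url['d'] : 0;
$p = (isset($url['p']) && isnum($url['p']) && $url['p'] > 0) ? (int)$url['p'] : 0;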


//$uid = input($url['u']);
//$pid = (int)$url['i'];
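// Number of messages shown per inbox page.
$limit = 10;
//echo "<b>[\$func=$func, \$mid=$mid, \$uid=$uid, \$pid=$pid]</b>";
// Load the logged-in user's row. The nick goes through escape() like every other
// query on this page instead of being pasted between hand-written quotes, so a
// quote character in the session value cannot alter the statement.
// NOTE(review): escape() is assumed to return a quoted, escaped SQL literal, as its other uses in this file imply - confirm.
$uzeris = mysql_fetch_assoc(mysql_query1("SELECT * FROM users WHERE nick=" . escape($_SESSION['username'])));
//$pm_sk = mysql_fetch_assoc(mysql_query1("SELECT count(*) AS viso FROM `private_msg` WHERE `to`=".escape($uzeris['nick']).""));
// Number of messages stored for this user; kiek() is defined elsewhere (presumably a COUNT(*) helper - confirm).
$pm_sk = kiek("`private_msg` WHERE `to`=".escape($uzeris['nick'])."");
unset($text);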
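// Delete messages from the current user's inbox: d = 0 empties the inbox, d > 0 removes one message.
// Both statements are restricted to rows addressed to the session user.
// NOTE(review): deletion is triggered by a plain GET link and no anti-CSRF token is visible here;
// consider requiring POST with a per-session token.
if (isset($url['d']) && isnum($url['d']) && $url['d'] >= 0) {
	$owner = escape($_SESSION['username']);
	$deleted = false;
	if ($url['d'] == 0) {
		mysql_query1("DELETE FROM `private_msg` WHERE `to`=" . $owner);
		$deleted = true;
	}
	elseif ((int)$url['d'] > 0) {
		mysql_query1("DELETE FROM `private_msg` WHERE `to`=" . $owner . " AND `id`=" . escape((int)$url['d']));
		$deleted = true;
	}
	if ($deleted) {
		// Redirect with the validated integer offset $p; the raw $url['p'] may be
		// missing or non-numeric and should not be copied into a response header.
		header("Location: ?id,45;p," . $p);
	}
}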

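// ################# Send a message ##########################
// Handles the compose/reply form post (hidden field action=pm_send).
// The sender is always the session user; recipient and title pass through input().
// On any outcome $error carries the text shown to the user (it also holds the success notice).
// NOTE(review): no anti-CSRF token is checked for this POST in the code visible here.
if (isset($_POST['action']) && $_POST['action'] == 'pm_send') {
	$from = $_SESSION['username'];
	// Missing form fields are treated as empty strings instead of raising notices.
	$to = input(isset($_POST['to']) ? $_POST['to'] : '');
	if ($to == $_SESSION['username']) { $error = "Sau privačios žinutės siųsti negalima<br />"; }
	$title = input(isset($_POST['title']) ? $_POST['title'] : '');
	// The previous isset() test could only catch a null return from input(), so a blank
	// title was stored as-is; apply the placeholder to blank titles as well.
	if (trim((string)$title) === '') { $title = "[Be Pavadinimo]"; }
	// The body is stored as submitted (escaped for SQL only).
	// NOTE(review): it is rendered later through bbcode(); confirm that helper HTML-encodes its input.
	$msg = isset($_POST['msg']) ? $_POST['msg'] : '';
	$date = date("Y-m-d H:i:s");
	// The recipient must be an existing nick.
	$sql = mysql_num_rows(mysql_query1("SELECT nick FROM users WHERE nick=".escape($to)));
	if ($sql == 0) { $error = "Vartotojas kurį įvedėte neegzistuoja"; }
	// empty() avoids reading an undefined $error when no validation failed.
	if (empty($error)) {
		$result = mysql_query1("INSERT INTO `private_msg` (`from`, `to`, `title`, `msg`, `read`, `date`) VALUES (" . escape($from) .", " . escape($to) .", " . escape($title) .", " . escape($msg) .", 'NO', '" . $date ."')");
		if ($result) {
			$error = "Jūsų žinutė išssiųsta vartotojui<b> " . $to ."</b>";
			redirect("?id,45","meta");
		}
		else {
			$error = "Jūsų žinutė neišsiųsta";
		}
	}
}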
// ######### Panel display and message list output ######################
// Usage indicator: images/pm/0.gif .. 10.gif, one step for every ten stored messages.
$pm_img_step = 0;
foreach (range(10, 100, 10) as $pm_threshold) {
	if ($pm_sk >= $pm_threshold) { $pm_img_step++; }
}
$pm_img = "<img src='images/pm/" . $pm_img_step . ".gif'></img>";

// Capacity is the pm_viso field of the user's row; $pm_sk is the number of messages already stored.
$pm_capacity = $uzeris['pm_viso'];
$pm_free = $pm_capacity - $pm_sk;

// Free-space box, action links (new / inbox / delete all) and the header row of the inbox table.
$text = "
	<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">
		<tr>
			<td colspan=\"4\" valign=\"top\">
				
				<fieldset>
				<legend>Laisva vieta</legend>
				<table border=0>
					<tr>
						<td>
						Liko: <b>" . $pm_free . "</b><br />
						Išnaudota <b>" . $pm_sk ."</b> iš <b>" . $pm_capacity ."</b><br />" . $pm_img ."
						</td>
					</tr>
					<tr>
						<td></td>
					</tr>
				</table>
				</fieldset>

			<fieldset>
			<legend>Privačių žinučių veiksmai</legend>
				<table border=0 width=30%>
					<tr>
						<td>
							<center>
							<a href='?id,45;n,1'><img src='images/pm/new.png' alt='nauja zinute' border='0' /></a>
							</center>
						</td>
						<td>
							<center>
							<a href='?id,45'><img src='images/pm/inbox.png' alt='Skaityti zinutes' border='0'  /></a>
							</center>
						</td>
						<td>
							<center>
							<a href='?id,45;d,0' onclick=\"return confirm('Ar tikrai ištrinti visas žinutes?')\"><img src='images/pm/inbox.png' alt='Trinti visas zinutes' border='0'  /></a>
							</center>
						</td>
					</tr>
					<tr>
						<td><center><a href='?id,45;n,1'>Nauja žinutė</a></center></td>
						<td><center><a href='?id,45'>Gautos žinutės</a></center></td>
						<td><center><a href='?id,45;d,0' onclick=\"return confirm('Ar tikrai ištrinti visas žinutes?')\">Trinti žinutes</a></center></td>
					</tr>
				</table>
			 </fieldset>
			 
			</td>
		</tr>
		<tr>
			<td valign=\"top\">
			<fieldset>
			<legend>Gautos žinutės</legend>
			<table border=0 width=100%>
				<tr>
					<td class=\"title\" width=\"1%\"></td>
					<td class=\"title\" width=\"15%\">Siuntėjas</td>
					<td class=\"title\" width=\"45%\">Tema</td>
					<td class=\"title\" width=\"20%\">Data</td>
					<td class=\"title\" width=\"20%\">Veiksmai</td>
				</tr>";
				
				// One page of the current user's inbox, newest first; $p is the offset and $limit the page size.
				$row = mysql_query1("SELECT * FROM `private_msg` WHERE `to`=" . escape($uzeris['nick']) . " ORDER BY date DESC LIMIT " . $p . "," . $limit);
				while ($pm = mysql_fetch_assoc($row)) {
					$pmid = $pm['id'];
					// Unread messages (read = "NO") get the "new" icon, everything else the "read" icon.
					$read_icon = ($pm['read'] == "NO") ? "<img src='images/pm/pm_new.gif' />" : "<img src='images/pm/pm_read.gif' />";
					// NOTE(review): `from` and `title` are printed exactly as stored; whether they were
					// HTML-encoded before being saved is not visible in this file - confirm.
					$text .= "
							<tr>
								<td  class=\"sarasas\">
					" . $read_icon . "</td>" . " <td  class=\"sarasas\">" . $pm['from'] ."</td>
								
								<td  class=\"sarasas\"><a href='?id,45;v,$pmid'>" . $pm['title'] ."</a></td>
								<td  class=\"sarasas\">" . $pm['date'] ."</td>
								<td  class=\"sarasas\"><a href='?id,45;n,1;u," . $pm['from'] .";i," . $pmid ."'><img src='images/pm/replay.png' border=0 alt=\"Atsakyti\"></img></a><a href='" . url('d,' . $pmid) . "'><img src='images/pm/delete.png' border=0 alt=\"Trinti\" /></a></td>
							</tr>
					";
				}
				//function puslapiai($start,$count,$total,$range=0,$link=""){
				// Pager markup from puslapiai(), then close the inbox table and open the cell
				// that holds the message view or the compose form.
				$text .= puslapiai($p,$limit,$pm_sk,10) . "
			</table>
			</fieldset>
			</td>
		</tr>
		<tr>
			<td colspan=\"4\">
";


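// ##################### View a message ######################
// Shows one message (v = message id) addressed to the session user and marks it as read.
if (isset($url['v'])) {
	// Reduce the id to an integer once and use only that value below. The previous check
	// merely tested that the cast was non-zero and then copied the raw parameter into the
	// form action and the onclick attribute, so trailing non-numeric text reached the page unencoded.
	$vid = (int)$url['v'];
	if (!empty($url['v']) && $vid > 0) {
		$viewer = escape($_SESSION['username']);
		// The `to` condition keeps users from opening messages addressed to someone else.
		$sql = mysql_fetch_assoc(mysql_query1("SELECT `msg`, `from`, `title` FROM `private_msg` WHERE `to`=" . $viewer . " AND id=" . escape($vid)));
		//if (!$sql) { header("Location: ?home"); }
		if ($sql) {
			// NOTE(review): `from` and `title` are printed as stored; confirm they are HTML-encoded
			// before being saved. The body goes through bbcode(), defined elsewhere.
			$text .= "
				<fieldset>
				<legend>Privačios žinutės tekstas:</legend>
				<table border='0' width='100%'>
					<tr>
						<td class=\"title\" align=\"left\">Nuo: " . $sql['from'] ." Tema: " . $sql['title'] ."</td>
					</tr>
					<tr>
						<td width=\"50%\"  class=\"sarasas\"><div align=\"justify\"><p>" . bbcode($sql['msg']) ."</p></div></td>
					</tr>
				</table>
				<form name=\"replay_pm\" action='?id,45;n,1;u," . $sql['from'] .";i," . $vid ."' method=\"post\">
					<input type=\"submit\" value=\"Atsakyti\"/> <input type=\"button\" value=\"Trinti\" onclick=\"location.href='" . url("d," . $vid) . "'\"/>
				</form>
				</fieldset>
			";
			mysql_query1("UPDATE `private_msg` SET `read`='YES' WHERE `id`=" . escape($vid) . " AND `to`=" . $viewer);
		}
	}
	//else { header("Location: ?home"); }
}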

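// ################### Send a new message or reply to an existing one ######################################
// n = 1 opens the compose form. With u (sender nick) and i (message id) set it becomes a reply:
// the original message is quoted above the form and its sender is preselected.
if (isset($url['n'])) {
	if (!empty($url['n']) && (int)$url['n']) {
		// #################### If the user and the ID of the message to reply to are set ##################
		if (isset($uid) && (int)$pid > 0) {
			// Only quote a message that was addressed to the session user. Without the `to`
			// condition any logged-in user could read another user's message by supplying
			// its sender and id; the view query on this page applies the same restriction.
			$sql = mysql_fetch_assoc(mysql_query1("SELECT * FROM `private_msg` WHERE `from`=".escape($uid)." AND `id`=".escape($pid)." AND `to`=".escape($_SESSION['username'])));
			if ($sql) {
				if (isset($error) && !empty($error)) { msg("Dėmesio!",$error); }
				$text .= "
					<fieldset>
					<legend>Parašyta žinutė:</legend>
				";
				$text .= "Autorius:<b> " . $uid ."</b><br />Žinutė:<b><i> " . input($sql['msg']) ."</i></b><br />";
				$text .= "</fieldset>";
				$sql2 = mysql_query1("SELECT `nick` FROM users ORDER BY nick ASC");
				// The reply form is only shown while no send result ($error) is pending.
				if(!isset($error)) {
				$text .= "
						<fieldset>
						<legend>Atsakyti privačią žinutę</legend>
						<form name=\"msg\" action=\"\" method=\"post\">
							<table border=0 width=100%>
								<tr>
									<td width=\"15%\" class=\"sarasas\">Gavėjas:</td>
									<td>
										<select size=\"1\" name=\"to\">
				";
										while($row = mysql_fetch_assoc($sql2)) {
											// The value attribute is quoted: unquoted, a nick containing a space was
											// cut at the space and the rest parsed as extra attributes.
											// NOTE(review): nicks are printed as stored; confirm they are HTML-encoded at registration.
											$text .= "<option value=\"" . $row['nick'] ."\"";
											if ($row['nick'] == $uid) { $text .= " selected"; }
											$text .= ">" . $row['nick'] ."</option>\n";
										}
				// NOTE(review): the stored title is placed in a single-quoted attribute below; confirm input() encodes quotes before it is saved.
				$text .= "
										</select>
									</td>
								</tr>
								<tr>
									<td class=\"sarasas\">Tema:</td>
									<td><input name=\"title\" type=\"text\" size=\"50\" value='Re: " . $sql['title'] ."'></td>
								</tr>
								<tr>
									<td valign='top' align='left' class=\"sarasas\">Pranešimas:</td>
									<td>
									<textarea name=\"msg\" rows=5 cols=50 wrap=\"on\"></textarea>
									<br />
									".bbk("msg")."
									<br />
									<input type=\"submit\" value=\"Siųsti\">
									<input type=\"hidden\" name=\"action\" value=\"pm_send\" />
									</td>
							</tr>
							</table>

						</form>
						</fieldset>
				";
				}
			}
		}

		// ############### If the reply button was not pressed, build a plain compose form #################
		if ((int)$pid == 0) {
			// Recipient list: every nick except the session user.
			$sql = mysql_query1("SELECT `nick` FROM users WHERE `nick` <> ".escape($_SESSION['username'])." ORDER BY nick ASC");
			if (isset($error) && !empty($error)) { msg("Dėmesio!",$error); }
			// The opening <table> tag below was missing its closing '>' and is repaired here.
			$text .= "
				<fieldset>
				<legend>Siųsti privačia žinutę</legend>
				<form name=\"msg\" action=\"\" method=\"post\">
					<table border=0 width=100%>
					<tr>
						<td width=\"15%\" class=\"sarasas\">Gavėjas:</td>
						<td>
							<select size=\"1\" name=\"to\">
			";
							while($row = mysql_fetch_assoc($sql)) {
								// Quoted value attribute, as in the reply form; $uid is only compared when it is set.
								$text .= "<option value=\"" . $row['nick'] ."\" ";
								if (isset($uid) && $row['nick'] == $uid) { $text .= "selected"; }
								$text .= ">" . $row['nick'] ."</option>";
							}
			$text .= "
							</select>
						</td>
					</tr>
					<tr>
						<td class=\"sarasas\">Tema:</td>
						<td><input name=\"title\" type=\"text\" size=\"50\" value=\"\"></td>
					</tr>
					<tr>
						<td valign='top' align='left' class=\"sarasas\">Pranešimas:</td>
						<td><textarea name=\"msg\" rows=5 cols=50 wrap=\"on\"></textarea>
						<br />
						".bbk("msg")."
						<br />
						<input type=\"submit\" value=\"Siųsti\">
						<input type=\"hidden\" name=\"action\" value=\"pm_send\" />
					</td>
					</tr>
					</table>
				</form>
			</fieldset>
			";
		}
	}
	else { header("Location: ?home"); }
}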
// Close the cell, row and outer layout table opened earlier on this page.
$page_footer = "
			</td>
		</tr>
	</table>
";
$text .= $page_footer;
// Hand the finished markup to lentele() (defined elsewhere) under the page title.
lentele("Privačios žinutės",$text);
?>
